package com.buddy.sds.auth.filter;

import com.buddy.sds.auth.entity.JWTToken;
import com.buddy.sds.auth.entity.SystemPermission;
import com.buddy.sds.auth.entity.SystemRole;
import com.buddy.sds.auth.entity.SystemUser;
import com.buddy.sds.auth.service.ISystemPermissionService;
import com.buddy.sds.auth.utils.JWTUtil;
import com.buddy.sds.common.properties.RunMode;
import com.buddy.sds.common.properties.SDSProperties;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.AntPathMatcher;
import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
import org.apache.shiro.web.util.WebUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.List;

@Slf4j
public class JWTAuthFilter extends BaseAuthenticatingFilter {

    private final String AuthorizationHeader = "Authorization";
    private final String Bearar = "Bearer ";

    public JWTAuthFilter() {
        log.info("jwt过滤器被初始化");
    }

    /**
     * 认证失败 返回401
     *
     * @param servletRequest
     * @param servletResponse
     * @return
     * @throws Exception
     */
    @Override
    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {

        /*
        HttpServletResponse httpResponse = WebUtils.toHttp(servletResponse);
        httpResponse.setCharacterEncoding("UTF-8");
        httpResponse.setContentType("application/json;charset=UTF-8");

        httpResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        */
        //交给下一个过滤器继续处理
        return true;
    }

    @Override
    protected boolean onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response) throws Exception {
        log.debug("token:{} vaild success", token.getCredentials());
        return super.onLoginSuccess(token, subject, request, response);
    }

    @Override
    protected boolean onLoginFailure(AuthenticationToken token, AuthenticationException e, ServletRequest request, ServletResponse response) {

        log.error("token:{} invaild", token.getCredentials());
        return super.onLoginFailure(token, e, request, response);
    }



    @Override
    protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) {

        HttpServletRequest httpServletRequest = (HttpServletRequest) request;

        String jwtToken = httpServletRequest.getHeader(AuthorizationHeader);

        if (!StringUtils.isEmpty(jwtToken) && !JWTUtil.isTokenExpired(jwtToken)) {

            return new JWTToken(jwtToken);
        }
        return null;
    }


    protected boolean hasAuthorizationHeader(ServletRequest request) {


        HttpServletRequest httpServletRequest = (HttpServletRequest) request;

        String jwtToken = httpServletRequest.getHeader(AuthorizationHeader);

        return !StringUtils.isEmpty(jwtToken) && ! jwtToken.startsWith(Bearar);
    }
}

